I'm not a cryptography expert, but I've seen this topic sometimes on the Web: Master decrypt keys.

Most of the people said that "Master decrypt key" does not exist.

This makes sense if you developed your own Cryptography software.

But if a company releases cryptography software where the user must enter the content (string or file) and a password, and then gets the output, wouldn't the company be able to include the user's password in another string, encrypted with the company's password, in some part of the file? So no matter whether the user has encrypted the file with 30 keys, the company could decrypt its part of the file and get the user's key to decrypt the entire file.

Many respectable security applications, including GPG, can be configured to encrypt in a manner such that a "Master decrypt key" can decrypt. This is useful in a corporate context, so that what employees send can be deciphered in case of need. In GPG 1.4, this can be accomplished with encrypt-to keyID in gpg.conf. This is not covert, and warnings will appear if the "Master decrypt key" is not entrusted.
– fgrieu, Feb 19 '13 at 11:42

3 Answers

In theory, someone could do this, but in practice nobody really uses random, sketchy third party cryptography software. Most, if not all, of the commonly used cryptography functions are well understood and tested. Most of them also openly reveal precisely how they work so anyone can implement them. This means lots of people can analyse the algorithms for built in weaknesses like the one you described.

The case you described is a good reason to stay away from unknown and untrusted third party cryptography software.

I'm taking a course on cryptography. In the first lecture, we were advised, in practice, not to use algorithms that weren't proved by the professional community as "secure".

This question is also related to some conspiracy theories, or imaginations, that powerful governments (not to name any here) have master keys that can decrypt whatever encrypted data they found suspicious, no matter how "secure" the cipher used or long the key used e.g. AES 256-bit.

I believe the skipjack algorithm, used in the clipper chip, had a kind of master key functionality, such that with the "law enforcement" field and some information about the system that was not public, it was possible to decrypt the traffic.

Perhaps because of this acknowledged back door, the clipper chip was never widely used. The details of the algorithm were eventually published, which I presume makes the clipper chip and the skipjack algorithm completely useless, since now anyone can decrypt everything.

It's much more common to design a "master key" around the idea of keeping a copy of the actual key somewhere, encrypted and/or secretly stored external to the encrypted file.

Interesting. Does that mean that the key escrow system could be applied to any underlying encryption algorithm?
– ddyer, Jul 1 '13 at 17:06

Sure - key escrow is exactly what it says: your keys are held in escrow by a third party, and can be accessed by the second party according to the terms of the escrow agreement.
– archie, Jul 1 '13 at 20:04
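
In OpenPGP, an extra decryption key such as the encrypt-to key mentioned in the comment on the question gets its own copy of the session key in a separate packet, so it can be found by listing those packets. The Python below is an added example, not code from any post on this page: it walks the RFC 4880 packet headers of a binary (non-armored) message and reports recipient key IDs outside an allowed set. The key IDs and sample bytes are constructed.

```python
import struct

PKESK_TAG = 1  # Public-Key Encrypted Session Key packet (RFC 4880, section 5.1)

def packets(data):
    """Yield (tag, body) for each OpenPGP packet in a binary message."""
    i = 0
    while i < len(data):
        hdr = data[i]; i += 1
        if not hdr & 0x80:
            raise ValueError("not an OpenPGP packet header")
        if hdr & 0x40:                       # new-format header
            tag, first = hdr & 0x3F, data[i]; i += 1
            if first < 192:
                length = first
            elif first < 224:
                length = ((first - 192) << 8) + data[i] + 192; i += 1
            elif first == 255:
                length = struct.unpack(">I", data[i:i + 4])[0]; i += 4
            else:                            # partial body length: data packets only,
                return                       # and those come after every PKESK packet
        else:                                # old-format header
            tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
            if ltype == 3:                   # indeterminate length: data packet
                return
            size = (1, 2, 4)[ltype]
            length = int.from_bytes(data[i:i + size], "big"); i += size
        yield tag, data[i:i + length]
        i += length

def recipients(message):
    """Return the 8-byte key ID (hex) of every version 3 PKESK packet, in order."""
    return [body[1:9].hex().upper() for tag, body in packets(message)
            if tag == PKESK_TAG and len(body) >= 10 and body[0] == 3]

def unexpected_recipients(message, allowed):
    """Key IDs the message is encrypted to that are not in `allowed`.
    A hidden recipient (gpg --throw-keyids) appears as 0000000000000000."""
    return [k for k in recipients(message) if k not in allowed]

# Constructed sample, not a real message: two session-key packets and a data packet.
USER_KEY, EXTRA_KEY = "1111111111111111", "AAAAAAAAAAAAAAAA"   # made-up key IDs
def _pkesk(keyid, old_format):
    body = b"\x03" + bytes.fromhex(keyid) + b"\x01" + b"\x00" * 6   # v3, RSA, dummy
    return (b"\x84" if old_format else b"\xC1") + bytes([len(body)]) + body
SAMPLE = _pkesk(USER_KEY, True) + _pkesk(EXTRA_KEY, False) + b"\xD2\x03\x01\x00\x00"

if __name__ == "__main__":
    print("encrypted to:", recipients(SAMPLE))
    print("not expected:", unexpected_recipients(SAMPLE, {USER_KEY}))
```

This only covers additional recipients recorded in the message itself; a key copy stored outside the encrypted file, as the last answer describes, leaves no packet to list.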